Select Page

Second in a two-part series with Rowan Trollope. Yesterday, thoughts on OneCare, Norton Confidential and Genesis.  Today, SiteAdvisor and emerging threats.

What do you think of McAfee’s recent acquisition of SiteAdvisor?

Chris Dixon, and the folks at SiteAdvisor built an interesting technology.  I don’t know what McAfee plan to do with it. 

The real shame is that SiteAdvisor doesn’t really work very well for phishing attacks — it wasn’t designed for that.  So users of SiteAdvisor need to be aware that while they are getting the “green light”, it doesn’t have best of breed anti-phishing technology…  Why?  SiteAdvisor was a startup, and they had to focus on doing something new that wasn’t already being done.  Whole Security, Microsoft and a few others were already quite far ahead on the phishing side, so they chose to focus on spam, popups and other “known” malicious code.  Unfortunately for users, while these are “interesting”, they aren’t as critical as protection against the real threats – namely phishing and pharming.

While this choice may have been right for SiteAdvisor the startup company, McAfee now has a big hole in their portfolio — no competitive anti-phishing technology — at least none that I’m aware of.

Our approach is to focus on the real threats, and to also provide users a “red-light/green-light” in their browser (with the Norton Toolbar).  We think this in-browser technology is so important, we’re not only including it in Norton Confidential, but also in Norton Internet Security and the upcoming Genesis.

You have been in the industry for 15 years, since the early days of viruses.  Most recently, you wrote about Vishing.  What other new types of attacks do you see on the horizon?

Yes, Wifi attacks — what I call wifi jacking (I think it has another “official” name, such as the recently reported “evil twin”).  Others are more crafty trojans, screenscrapers, password stealers, etc.  Blended threats using worms to propagate crimeware will continue and accelerate.

With Web2.0 sites becoming more and more useful and complex, we’ll see more attacks embedded in Javascript and against back-end systems which contain more and more valuable user data.

When I think of these, we try to start working on the protection concepts well before we even see the threats, so we’re already looking at this stuff now, even though many of these threats have yet to materialize.

On a personal note, what do you do in your spare time when you’re not working? 

I spend my “free” time snowboarding, racing motorcycles, painting, playing ice-hockey, and hanging out with my family and friends

Eesh. Snowboarding, racing motorcycles, painting, playing ice-hockey?  Sounds like way too much work for me. 

Alex Eckelberry